Optimization Guide - ESET Knowledgebase

Transcription

Virtual
Environment
Optimization Guide
Contents
Getting started......................................................................1
Software components.............................................................1
Section 1: Purchasing and downloading your software...............1
1.1 Getting your software........................................................ 1
Section 2: ESET Remote Administrator......................................1
Section 3: Creating a template................................................ 2
Section 4: Configuring a default policy..................................... 2
4.1 Checking into Remote Administrator.................................2
4.1.1 Updating from a mirror server..........................................2
4.2 Disable automatic updates at logon..................................3
4.3 Startup Scan priority.........................................................3
4.4 Exclude virtual machine tools and files..............................3
4.5 Minimum logging verbosity..............................................4
4.6 Disable the ESET graphical user interface...........................4
4.7 Save your virtual machine template...................................4
4.8 Startup Scan priority........................................................4
Section 5: Staggering scheduled tasks..................................... 4
Virtual
Environment
Optimization Guide
Copyright © 2011 ESET, spol. s r.o.
All rights reserved. No part of this documentation may be reproduced, stored
in a retrieval system or transmitted in any form or by any means, electronic,
mechanical, photocopying, recording, scanning, or otherwise without written
permission from the author.
ESET, spol. s r.o. reserves the right to change any of the described application
software without prior notice.
REV.20110808-001
Getting started
Tips and tricks...
Protecting your virtual environment with ESET NOD32 Antivirus and ESET Smart
Security is simple and straightforward. While our products protect your virtual
machine right out of the box, this guide will help optimize the performance of your
virtual enterprise installation while minimizing the amount of individual setup
required. The ESET Virtual Environment Optimization Guide enables you to rapidly
generate a virtual machine template with a preconfigured ESET security solution and
then deploy it to workstations. Because you’ll be using ESET Remote Administrator
to manage your virtual machines, be sure to read the ESET Remote Administrator
Basic Setup Guide and refer to it as necessary throughout this process.
Software components
You will need at least one virtual machine to act as a template starting point. Create
this machine using the virtualization solution of your choice, such as VMware, Citrix
or Microsoft Terminal Server. For detailed steps on creating a new virtual machine,
please view the documentation included with your virtualization software. You will
also want to have your ESET installation packages ready, which you will find in the
next section.
Section 1: Purchasing and downloading
your ESET software.
The first step in protecting your virtual environment is to purchase the ESET software
components mentioned above. Keep in mind that each virtual machine requires
one license, so make sure to purchase enough licenses to cover all of your virtual
machines. If you have not already purchased an ESET security product, please select
a link below, based on how many workstations you have:
1 - 15 workstations
16 - 2000 workstations
More than 2000 workstations
Download the companion guide:
ESET Remote Administrator Basic Setup Guide
http://www.eset.com/us/resources/manuals/ERA_Basic_
Setup_Guide.pdf
KB connection
Check the ESET Knowledgebase for more info:
Licensing FAQ (Business Users)
http://kb.eset.com/esetkb/
index?page=content&id=SOLN2667
What do I do with my ESET security product
license files?
Username and password examples:
Username: EAV-12345678
Pasword: 1a2bc3defg
1.1 Getting your software
After purchasing your ESET security product, click the link below to visit the ESET
Download Center and download your software:
http://www.eset.com/download/
Click I have already purchased ESET software, take me to my download button.
Click the Business Downloads tab and click the Download button beside ESET
NOD32 Antivirus 4 or ESET Smart Security 4. You will also need to download ESET
Remote Administrator Server and ESET Remote Administrator Console installation
package.
Section 2: ESET Remote Administrator
ESET Remote Administrator allows your virtual machines to check in and report to
one convenient spot, making it a critical tool for managing your virtual environment.
If you already have ESET Remote Administrator installed on a virtual machine (or
computer of your choice), you can skip to the next section of this guide.
If you need help installing and configuring ESET Remote Administrator, please
download and follow our ESET Remote Administrator Basic Setup Guide. The Basic
Setup Guide will walk you through the installation and configuration of ESET Remote
Administrator. Click the link below to download the guide:
KB connection
What is authentication data (username and
password) and what is its purpose?
KB connection
How do I update ESET Remote Administrator
with a new license file?
http://www.eset.com/us/resources/manuals/ERA_Basic_Setup_Guide.pdf
The ESET Remote Administrator Basic Setup Guide will also assist you in creating
a mirror server, which gives your virtual machines a central spot to download
virus signature database updates from without bogging your network down with
redundant downloads.
1
Section 3: Creating a template
Installing and configuring ESET NOD32 Antivirus or ESET Smart Security on a
template now will save you hours of work later. You will be able to save this virtual
machine’s configuration as a template and deploy it anytime you need a new
machine. When creating a new virtual machine, make sure you allocate enough
recourses to meet the minimum system requirements of ESET security products
(400MHz, 256MB RAM).
With your template machine open, install ESET NOD32 Antivirus or ESET Smart
Security, just as you would with a regular computer. Run the downloaded
installation file from Section 1, named eavbe_nt32_enu.msi or essbe_nt32_enu.msi.
Follow the installation wizard, selecting options you would like to include in your
template.
Figure 3-1: installing your ESET software
For step-by-step directions on installing your ESET security product, please click one
of the Knowledgebase links below:
Installing ESET NOD32 Antivirus
Installing ESET Smart Security
After your ESET security product is installed and functioning correctly on your virtual
machine, continue to Section 4 to optimize your settings.
Section 4: Configuring your template
Now you’re ready for the important part: Configuring your template to make it
suitable for deployment.
4.1 Checking into Remote Administrator
Your ESET security solution can report important information and status updates
to ESET Remote Administrator. To do so, your client must be properly configured to
check into ESET Remote Administrator. Follow the steps below, using your template
machine and freshly installed copy of ESET NOD32 Antivirus or ESET Smart Security.
1. Open the main program window by clicking the ESET icon next to the system clock
or by clicking Start > All Programs > ESET > ESET Smart Security or ESET NOD32
Antivirus.
Figure 4-1: Remote administration setup window
2. Press the F5 key on your keyboard to enter the Advanced Setup menu.
3 Click the Remote administration section from the Setup tree on the left, under
the Miscellaneous section.
4. Select the Connect to Remote Administrator server check box on the right side
of the Setup menu. You will also need to enter the Server address and the Port (if
changed from default) where ESET Remote Administrator is running.
KB connection
What is ESET Remote Administrator?
5. If the Remote Administrator server requires authentication, enter that password
by selecting the check box at the bottom of the page.
Your client will check in with ESET Remote Administrator at the next connection
interval.
How do I install ESET Remote Administrator
4.1.1 Updating from a mirror server
If you will be using a mirror server to update your clients, now is a good time to add
that information. The following steps are also done from the Advanced Setup menu,
where you left off in the previous step. If you have already left the Advanced Setup
menu, press F5 on your keyboard to reopen it.
1. Click Update from the Advanced Setup tree on the left.
2. Click the Edit... button in the Update settings for selected profile box.
3. Add the appropriate mirror server location and click Add. Click Ok and then select
the mirror from the drop-down menu to use your new mirror server as your main
Update server.
With your client checking into ESET Remote Administrator and updating from a
mirror server, you are now ready to configure some of the options and functionality
to optimize system performance.
2
and configure a Mirror server?
4.2 Disable automatic updates at logon
If you are in a situation where many virtual machines are turned on at the same time,
multiple clients updating simultaneously may overwhelm your network. The best
solution is to disable automatic updates at logon. Your machines will still update
when needed will avoid the initial rush at logon. Follow the steps below to disable
automatic updates at logon:
1. Open the main program window by clicking the ESET icon next to the system clock
or by clicking Start > All Programs > ESET > ESET NOD32 Antivirus or ESET Smart
Security.
2. If you see the message Display: Standard mode in the lower left corner, toggle to
Advanced mode by clicking Change... or by pressing CTRL + M on your keyboard.
3. From the main menu, click Tools > Scheduler to open the Scheduler/Planner
window.
4. Deselect the Automatic update after user logon (Launch time: User logon)
checkbox.
Return to the main program window and leave it open. You have a couple more steps
to do before your template is ready to be saved.
Figure 4-2: the Scheduler window
KB connection
Can I change the frequency of virus signature
updates? (4.x)
Why does my automatic system startup scan
take an unusually long time to complete?
4.3 Startup Scan priority
Similar to the issue avoided in section 4.2, changing the Startup Scan priority can
be helpful with larger networks that have multiple virtual machines. When you first
logon to Windows, your ESET security product will run a Startup Scan to check for
malicious software. This configuration change will still run the Startup scan, but will
wait to do so until there are available CPU resources. Follow the steps below to set
the Startup Scan priority to When Idle.
1. From the main menu, click Tools > Scheduler to open the Scheduler/Planner
window.
2. Select System startup file check (User logon) from the list and click Edit....
3. Click Next four times and then click Finish.
4. In the Automatic startup file check window, select When idle from the Scan
priority drop-down menu.
Figure 4-3: the Scan priority setting drop-down menu
5. Click OK. Your system will now run the startup scan only when the CPU is idle.
Quick Links
4.4 Exclude virtual machine tools and files
Exclusion information:
Scanning system files, and in this case, the virtual machine software, can
occasionally cause stability issues. To prevent this, we recommend that you
manually exclude any such files from the Antivirus and antispyware scanning engine
by following the steps below.
Hyper-V Exclusions:
http://technet.microsoft.com/en-us/library/
dd283088(WS.10).aspx
1. Press the F5 key on your keyboard to display the Advanced Setup window.
2. From the Advanced Setup tree, click Exclusions (under the Antivirus and
antispyware section) and then click the Add... button.
VMware View:
http://www.vmware.com/files/pdf/VMwareView-AntiVirusDeployment-WP-en.pdf
Citrix Exclusions:
http://support.citrix.com/article/CTX127030
3. The Add exclusion window will be displayed. Using the directory tree, browse for
the folder or file you wish to exclude. The directory path will automatically display In
the Exclusion: field. Click OK to save the exclusion.
Different virtualization solutions have different files that you should exclude.
Please review your virtualization documentation to add the appropriate files to the
exclusion list or check the Quick Links area to the right.
Figure 4-4: the exclusions list
3
4.5 Minimum logging verbosity
If you plan on disabling the graphical user interface in section 4.6, it is important that
you have the correct logging verbosity selected. Without the GUI, you’ll have to rely
on information sent from the client to ESET Remote Administrator.
1. Press the F5 button on your keyboard to enter the Advanced setup window.
2. From the menu tree on the left, click Log files, found under the Tools section.
3. Make sure the Minimum logging verbosity is set to Informative records.
Figure 4-5: the minimum logging verbosity setting
If the logging verbosity is set too high, your network may experience issues with
clients reporting too much information. If verbosity is set too low, it will be hard to
determine possible issues with your clients. The Informative records setting offers
a good compromise: keeping you informed while keeping data transmission to a
minimum.
4.6 Disable the ESET graphical user interface
For this next step, we highly recommend reading the Knowledgebase article linked
below for more information. Disabling the GUI is for advanced users only. After
disabling EGUI.exe, your ESET security solution will run without a graphical user
interface. This saves system resources, but must be managed using ESET Remote
Administrator.
KB connection
How do I disable the graphical user interface
(egui.exe)?
Warning - Please read the following article before proceeding to step 1:
http://kb.eset.com/esetkb/index?page=content&id=SOLN2340
1. Click Start > Run (Windows Vista users: Click Start, type Run and press ENTER).
2. Copy and paste or type the following string into the command line field and click
OK:
REG DELETE HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v egui /f
After restarting your virtual machine, your ESET security product will silently load
and run without a graphics user interface.
Figure 4-6: the Windows Run window
4.7 Save your virtual machine template
If you skipped section 4.6 and did not restart your virtual machine, please restart it
now. Save your virtual machine template using your virtualization software. You may
also want to install other software packages commonly used on virtual machines
you deploy.
You now have a preconfigured, ready-to-deploy image any time you need a new
machine. New deployed machines will run without the GUI (if step 4.6 was followed),
check into ESET Remote Administrator and receive updates from your mirror server.
KB connection
Section 5: Staggering scheduled tasks
If you plan on scheduling tasks or On-demand scans and would like to prevent each
client from scanning at the same time, you must make groups in ESET Remote
Administrator Console using Tools > Group Manager. After creating groups, use
Policy Manager assign specific tasks to each group. Policy manager will allow you
to create custom configurations on a per-group basis. By default, ESET Smart
Security 5 does not include a scheduled On-demand scan, so staggering scans will
be unnecessary. If you need to stagger other tasks for any reason, please refer to the
ESET Remote Administrator User Guide for details.
Creating a scheduled scan using ESET
Remote Administrator
ESET Remote Administrator Installation Manual and User Guide
Figure 5-1: Static Groups in ERAC
4

Optimization Guide - ESET Knowledgebase

Transcription

Documents pareils

Client list and telephone number to reach you

Home Anti-Virus Protection

Seagate ® Rescue ™ after-market data recovery plan terms

Administrative Guide

Private Training Schools Act

Guide Utilisateurs : Procès de création de compte

Online free antivirus software -- If the subject believed he was telling

Introduction - Belkin Business

2013-2014 - Services Juridiques Communautaires